System including a secure application configured to perform a clock update procedure
Abstract
A system comprising a real time clock, RTC, and a processor configured to execute a secure application to provide a secure clock and configured to operate in a first low-power-mode and a first normal-mode, and a non-secure application configured to perform a clock modification procedure and configured to operate in a second low-power-mode and a second normal-mode, the system configured to perform a secure clock initialisation procedure comprising obtaining a record of a current time from the RTC based on a transition from the first low-power-mode to the first normal-mode, wherein the secure application is configured to perform a clock update procedure including updating the RTC with a secure record of the current time and wherein the system is further configured to prevent performing the clock modification procedure after the clock update procedure has been performed.
Claims
The invention claimed is:
1. A system comprising:
a real time clock, RTC, configured to keep a record of a current time, at least one processor configured to execute at least a secure application and a non-secure application, wherein the secure application is configured to operate in a first low-power-mode and a first normal-mode, wherein the secure application is configured to provide a secure clock for maintaining a secure record of the current time when operating in the first normal-mode, and wherein the secure clock is disabled during the first low-power-mode; and wherein the non-secure application is configured to operate in a second low-power-mode and a second normal-mode, wherein the non-secure application is configured to perform a clock modification procedure to update the RTC via a second communication link between the non-secure application and the RTC when the non-secure application is operating in the second normal-mode and not when the non-secure application is operating in the second low-power-mode; and wherein the system is configured to cause the secure application to perform a secure clock initialization procedure comprising obtaining the record of the current time from the RTC for initializing the secure clock based on a transition from the first low-power-mode to the first normal-mode, wherein the secure application is configured to perform a clock update procedure as part of a transition from the first normal-mode to the first low-power-mode, the clock update procedure comprising, via a first communication link between the secure application and the RTC, providing for updating of the RTC with the secure record of the current time, and wherein the system is further configured to prevent the non-secure application from performing the clock modification procedure after the clock update procedure has been performed, whilst the secure application is in the first low-power-mode and prior to the secure clock initialization procedure.
2. The system of claim 1, wherein the RTC is a hardware based RTC.
3. The system of claim 1, wherein
the system being further configured to prevent the non-secure application from performing the clock modification procedure after the clock update procedure has been performed comprises:
the system being configured to perform the clock update procedure after the non-secure application has transitioned from the second normal-mode to the second low-power-mode.
4. The system of claim 1, wherein
the system being further configured to prevent the non-secure application from performing the clock modification procedure after the clock update procedure has been performed comprises:
the system being configured to block communication over the second communication link.
5. The system of claim 1, wherein the system is configured to perform the clock modification procedure based on a detected change in temperature for calibration of the RTC.
6. The system of claim 1, wherein
the non-secure application is configured to an indication of the current time from an external time reference, and wherein the system is further configured to perform the clock modification procedure based on a difference between the RTC and said current time from the external time reference.
7. The system of claim 1, wherein
based on the transition from the first normal-mode to the first low-power-mode, the system is further configured to compare the record of the current time from the RTC with the secure record of the current time from the secure clock, and wherein performing the clock update procedure is conditional on the comparison indicating a difference between the record of the current time and the secure record of the current time above a predetermined threshold.
8. The system of claim 7, wherein
the system is configured to generate a signal indicative of whether the difference between the record of the current time and the secure record of the current time is above the predetermined threshold or below the predetermined threshold, and wherein the system is configured to store the generated signal to provide a record of a status of RTC.
9. The system of claim 7, wherein the predetermined threshold is based on an elapsed time since a most recent clock initialization procedure, wherein the elapsed time is based on the secure clock.
10. The system of claim 9, wherein
the secure clock comprises a timer arrangement configured to determine the elapsed time since the most recent clock initialization procedure, and wherein the secure record of the current time is based on a snapshot of the current time from the RTC taken during the secure clock initialization procedure and the elapsed time.
11. The system of claim 9, wherein
the predetermined threshold is defined as a percentage of the elapsed time.
12. The system of claim 1, wherein
the secure application is further configured to perform a secure clock update procedure to update the secure record of the current time based on an authenticated message from a trusted entity.
13. The system of claim 1, wherein
the secure application is configured to perform secure processing at least in part based on said secure record of the current time.
14. The system of claim 13, wherein
the secure processing includes one or more of:
an application of a cryptographic function to data, and
checking a validity of security certificates.
15. An electronic device comprising the system claim 1.
16. A method of operating a system, the system comprising:
a real time clock, RTC, configured to keep a record of a current time, at least one processor configured to execute at least a secure application and a non-secure application, wherein the secure application is configured to operate in a first low-power-mode and a first normal-mode, wherein the secure application is configured to provide a secure clock for maintaining a secure record of the current time when operating in the first normal-mode, and wherein the secure clock is disabled during the first low-power-mode; and wherein the non-secure application is configured to operate in a second low-power-mode and a second normal-mode, wherein the non-secure application is configured to perform a clock modification procedure to update the RTC via a second communication link between the non-secure application and the RTC when the non-secure application is operating in the second normal-mode and not when the non-secure application is operating in the second low-power-mode; and wherein the method comprises: performing, by the secure application, a secure clock initialization procedure comprising obtaining the record of the current time from the RTC for initializing the secure clock based on a transition from the first low-power-mode to the first normal-mode; performing, by the secure application, a clock update procedure as part of a transition from the first normal-mode to the first low-power-mode, the clock update procedure comprising, via a first communication link between the secure application and the RTC, providing for updating of the RTC with the secure record of the current time; and preventing the non-secure application from performing the clock modification procedure after the clock update procedure has been performed, whilst the secure application is in the first low-power-mode and prior to a subsequent secure clock initialization procedure.
17. The method of claim 16, wherein the method comprises:
performing the clock update procedure after the non-secure application has transitioned from the second normal-mode to the second low-power mode.
18. The method of claim 16, wherein the method comprises:
performing the clock modification procedure based on a change in temperature for calibration of the RTC.
19. The system of claim 1, wherein
the at least one processor comprises a single processor comprising at least two cores comprising a first core and a second core, wherein, the first core is configured to execute the secure application and the second core is configured to execute a non-secure application.
20. The system according to claim 1, wherein
the system forms part of a system on a chip (SOC) arrangement.
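The sleep and wake sequence of claims 1, 4 and 7 to 11 can be modelled in a few functions; the following is an added illustration, not code from the patent or its applicant. All type and function names, the use of seconds, the 1% threshold and the reopening of the non-secure link at wake-up are assumptions made for the model.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#define THRESHOLD_PERCENT 1u  /* assumed value; claim 11 only says "a percentage" */
typedef struct { uint64_t time; bool ns_link_open; } rtc_hw;   /* RTC + second link gate */
typedef struct {
    uint64_t snapshot;   /* RTC value captured at initialisation (claim 10) */
    uint64_t elapsed;    /* secure timer, seconds since initialisation */
    bool running;        /* false in the first low-power-mode */
    bool rtc_suspect;    /* stored status signal (claim 8) */
} secure_clock;

/* Low-power -> normal: initialise the secure clock from the RTC. Reopening the
 * non-secure link here is an assumption about when modification is allowed again. */
void secure_wake(secure_clock *sc, rtc_hw *hw) {
    sc->snapshot = hw->time; sc->elapsed = 0; sc->running = true;
    hw->ns_link_open = true;
}

/* Time passes: the RTC always counts, the secure timer only while running. */
void tick(secure_clock *sc, rtc_hw *hw, uint64_t s) {
    hw->time += s;
    if (sc->running) sc->elapsed += s;
}

/* Clock modification procedure (non-secure side); refused when the link is blocked. */
bool ns_set_rtc(rtc_hw *hw, uint64_t t) {
    if (hw->ns_link_open) hw->time = t;
    return hw->ns_link_open;
}

/* Normal -> low-power: compare, conditionally update the RTC, then block the link.
 * Returns true when the RTC was overwritten with the secure record. */
bool secure_sleep(secure_clock *sc, rtc_hw *hw) {
    uint64_t now = sc->snapshot + sc->elapsed;
    uint64_t diff = hw->time > now ? hw->time - now : now - hw->time;
    sc->rtc_suspect = diff > sc->elapsed * THRESHOLD_PERCENT / 100;
    if (sc->rtc_suspect) hw->time = now;   /* clock update via the first link */
    hw->ns_link_open = false;              /* claim 4: block the second link */
    sc->running = false;
    return sc->rtc_suspect;
}

int main(void) {
    rtc_hw hw = { 1000, false }; secure_clock sc = { 0 };
    secure_wake(&sc, &hw); tick(&sc, &hw, 10000); ns_set_rtc(&hw, 5000); /* rollback */
    printf("restored=%d rtc=%llu\n", secure_sleep(&sc, &hw), (unsigned long long)hw.time);
    return 0;
}
```

In this model a non-secure adjustment inside the tolerance (for example a small calibration) survives the sleep transition, while a larger jump is overwritten and recorded in `rtc_suspect`.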